openwrt/package/libs
Kevin Darbyshire-Bryant 69ac637fbb mbedtls: update to 2.6.0 CVE-2017-14032
Fixed an authentication bypass issue in SSL/TLS. When the TLS
authentication mode was set to 'optional',
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the
peer's X.509 certificate chain had more than
MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (default: 8), even when
it was not trusted. This could be triggered remotely on both the client
and server side. (Note, with the authentication mode set by
mbedtls_ssl_conf_authmode()to be 'required' (the default), the handshake
was correctly aborted).

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Tested-by: Magnus Kroken <mkroken@gmail.com>
2017-09-11 01:56:14 +02:00
..
argp-standalone treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
cyassl cyassl: update to wolfssl version 3.10.0 2017-01-10 00:10:15 +01:00
elfutils elfutils: Pass -Wno-unused-result to silence warnings as errors 2017-05-26 15:42:03 -07:00
gettext package: replace $(STAGING_DIR)/host with $(STAGING_DIR_HOSTPKG) 2017-01-10 22:15:37 +01:00
gettext-full gettext-full: fix to use $STAGING_DIR_HOSTPKG instead of $STAGING_DIR/host 2017-01-19 00:05:10 +01:00
gmp gmp: Update to 6.1.2 2017-01-03 14:24:33 +01:00
libbsd treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libconfig treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libevent2 treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libiconv package: replace $(STAGING_DIR)/host with $(STAGING_DIR_HOSTPKG) 2017-01-10 22:15:37 +01:00
libiconv-full treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libjson-c json-c: disable implicit fallthrough warning (gcc 7) 2017-05-25 19:01:07 +02:00
libmnl treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-conntrack treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-cthelper treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-cttimeout treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-log treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-queue treewide: clean up and unify PKG_VERSION for git based downloads 2016-12-22 16:42:21 +01:00
libnfnetlink treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnftnl libs/libnftnl: Update to 1.0.7 2017-05-16 17:22:58 +02:00
libnl libnl: Fix building with uClibc 2017-03-16 11:28:28 +01:00
libnl-tiny libnl-tiny: define _GNU_SOURCE if not defined 2016-12-20 09:35:36 +01:00
libpcap libs/libpcap: Rework URLs 2017-03-22 09:16:23 +01:00
libroxml treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
librpc treewide: clean up and unify PKG_VERSION for git based downloads 2016-12-22 16:42:21 +01:00
libtool libtool: don't clobber host libtool infrastructure 2017-01-22 00:40:38 +01:00
libubox libubox: update to the latest version, fixes a runqueue use-after-free bug 2017-06-17 11:51:41 +02:00
libunwind libunwind: update to version 1.2.1 2017-06-19 14:43:09 +08:00
libusb libusb: Update to 1.0.21 2017-01-03 14:24:33 +01:00
libusb-compat treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
lzo lzo: use default Build/Configure rule 2017-07-14 08:45:40 +02:00
mbedtls mbedtls: update to 2.6.0 CVE-2017-14032 2017-09-11 01:56:14 +02:00
ncurses ncurses: add libnucrses-dev package 2017-07-08 23:19:31 +02:00
nettle treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
openssl openssl: update to version 1.0.2l 2017-07-28 23:07:17 +02:00
popt treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
readline libreadline: add host-build 2017-06-24 14:38:14 +02:00
sysfsutils treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
toolchain toolchain: Package libgomp 2017-05-11 13:42:55 -07:00
uclibc++ uclibc++: patch bugfix erase() on derived __base_associative 2017-02-09 12:26:55 +01:00
uclient uclient: update to 2017-09-06 2017-09-06 15:46:03 +02:00
ustream-ssl ustream-ssl: remove legacy polarssl support 2017-01-09 14:35:09 +01:00
zlib zlib: use default Build/Configure rule 2017-07-14 08:45:55 +02:00